Lucene search

[email protected]CVE-2011-2589

HistoryAug 09, 2011 - 10:55 p.m.

CVE-2011-2589

2011-08-0922:55:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2011-2589

uuplayer

activex control

buffer overflow

security vulnerability

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.2 High

AI Score

Confidence

Low

0.074 Low

EPSS

Percentile

94.1%

JSON

Heap-based buffer overflow in the SendLogAction method in the UUPlayer ActiveX control 6.0.0.1 in UUSee 2010 6.11.0609.2 might allow remote attackers to execute arbitrary code via a long argument.

Affected configurations

NVD

Node

uuseeuuplayer_activex_controlMatch6.0.0.1

uuseeuuseeMatch2010_6.11.0609.2

CPENameOperatorVersion
uusee:uuplayer_activex_controluusee uuplayer activex controleq6.0.0.1
uusee:uuseeuuseeeq2010_6.11.0609.2

CPE	Name	Operator	Version
uusee:uuplayer_activex_control	uusee uuplayer activex control	eq	6.0.0.1
uusee:uusee	uusee	eq	2010_6.11.0609.2

References

secunia.com/advisories/44885

secunia.com/secunia_research/2011-60/

www.osvdb.org/74216

www.securityfocus.com/bid/48975

exchange.xforce.ibmcloud.com/vulnerabilities/68974

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.2 High

AI Score

Confidence

Low

0.074 Low

EPSS

Percentile

94.1%

JSON

Related for CVE-2011-2589

nvd1 cvelist1 prion1 openvas2 seebug1